CVE-2021-30116
Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability
CVSS
—
No CVSS
EPSS
85.6%
p100
KEV
YES
Nov 3, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
85.6%EPSS · 30 days85.6%
2026-06-302026-07-16
Product
Kaseya / Virtual System/Server Administrator (VSA)
Vulnerability
Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
Nov 17, 2021
Known ransomware use
Yes
Summary description
Kaseya Virtual System/Server Administrator (VSA) contains an information disclosure vulnerability allowing an attacker to obtain the sessionId that can be used to execute further attacks against the system.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-30116